World Health Organization targeted in cyberespionage attack

With the COVID-19 pandemic overtaking all news cycles and attention from world governments, information is the current currency that hackers value most. As such, the World Health Organization (WHO) has found itself at the center of an aggressive cyberattack that can be qualified as cyberespionage.

According to Reuters, earlier in the month of March, an “elite” group of hackers attempted to infiltrate the network of the WHO. The World Health Organization’s chief information security officer, Flavio Aggio, said that the attack was unsuccessful. Additionally, Aggio said that there has been a sharp increase in attempted attacks on the WHO’s network, most likely due to the ability to use insider information in phishing attempts against the public.

The specific statement that Flavio Aggio made to the media was as follows:

There has been a big increase in targeting of the WHO and other cybersecurity incidents...There are no hard numbers, but such compromise attempts against us and the use of (WHO) impersonations to target others have more than doubled.

While Aggio was unsure of the identity of the attackers, some researchers have made an educated guess. Most prominently among such researchers are the research firms of Romania’s Bitdefender and Moscow-based Kaspersky Labs. Both firms point to a group called DarkHotel based on their known modus operandi.

There is no guarantee that this is the group, but after analyzing prior DarkHotel attacks in China, North Korea, Japan, and the United States, there is enough evidence to suggest the group is responsible. Especially with the original epicenter of the COVID-19 pandemic being East Asia, and with DarkHotel being intensely active in that region, there is ample proof to point the finger.

In an interview with Reuters, Costin Raiu, head of global research and analysis at Kaspersky Labs, stated the following regarding the group’s motives:

At times like this, any information about cures or tests or vaccines relating to coronavirus would be priceless and the priority of any intelligence organization of an affected country.

As these cyberespionage attacks are only increasing in number, any developments regarding the World Health Organization’s security, or DarkHotel, will be reported on as new information emerges.

Featured image: Shutterstock

Derek Kortepeter

Derek Kortepeter is a graduate of UCLA and tech journalist that is committed to creating an informed society with regards to Information Security. Kortepeter specializes in areas such as penetration testing, cryptography, cyber warfare, and governmental InfoSec policy.

Published by
Derek Kortepeter

Recent Posts

Microsoft Build 2020: All major announcements for developers

Microsoft Build 2020 included several announcements aimed at developers and the IT community. Here are…

21 mins ago

Dell unveils new PCs optimized for remote work

With remote work here to stay, companies are looking to supply employees with devices to…

3 hours ago

Using Azure Active Directory Identity Protection to boost your security

Using Azure Active Directory Identity Protection will boost your security. This step-by-step guide shows you…

21 hours ago

Review: Kemp Virtual LoadMaster load balancer

With many businesses requiring employees to work remotely, Kemp’s Virtual LoadMaster can help relieve many…

1 day ago

Microsoft warns of COVID-19-related spear-phishing campaign

COVID-19 is not going away anytime soon, and as Microsoft researchers have discovered, neither are…

1 day ago

Ansible: Introduction to this open-source automation platform

In this first of several articles on Ansible, we give you a high-level overview of…

2 days ago